| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2022-36359 | AVG-2810 | Unknown | Unknown | Unknown | Unknown |
| CVE-2022-34265 | AVG-2788 | High | Yes | SQL injection | Trunc() and Extract() database functions were subject to SQL injection if untrusted data was used as a kind/lookup_name value |
| CVE-2022-28347 | AVG-2667 | High | Yes | SQL injection | QuerySet.explain() method was subject to SQL injection in option names, using a suitably crafted dictionary, with dictionary expansion, as the **options argument. |
| CVE-2022-28346 | AVG-2667 | High | Yes | SQL injection | QuerySet.annotate(), aggregate(), and extra() methods were subject to SQL injection in column aliases, using a suitably crafted dictionary, with dictionary... |
| CVE-2022-23833 | AVG-2808 | Unknown | Unknown | Unknown | Unknown |
| CVE-2022-22818 | AVG-2808 | Unknown | Unknown | Unknown | Unknown |
| CVE-2021-44420 | AVG-2605 | Low | Yes | Access restriction bypass | A security issue has been found in Django before version 3.2.10. HTTP requests for URLs with trailing newlines could bypass an upstream access control based... |
| CVE-2021-35042 | AVG-2123 | High | Yes | Insufficient validation | A security issue has been found in Django before version 3.2.5. Unsanitized user input passed to QuerySet.order_by() could bypass intended column reference... |
| CVE-2021-33571 | AVG-2026 | Medium | Yes | Insufficient validation | A security issue has been found in Django before version 3.2.4. URLValidator, validate_ipv4_address(), and validate_ipv46_address() didn't prohibit leading... |
| CVE-2021-33203 | AVG-2026 | Low | Yes | Directory traversal | A security issue has been found in Django before version 3.2.4. Staff members could use the admindocs TemplateDetailView view to check the existence of... |
| CVE-2021-32052 | AVG-1924 | Medium | Yes | URL request injection | In Django before 3.2.2 (with Python 3.9.5+), URLValidator does not prohibit newlines and tabs (unless the URLField form field is used). If an application... |
| CVE-2021-31542 | AVG-1910 | Low | Yes | Directory traversal | A security issue has been found in Django before version 3.2.1. MultiPartParser, UploadedFile, and FieldFile allowed directory-traversal via uploaded files... |
| CVE-2021-28658 | AVG-1776 | Low | Yes | Directory traversal | A security issue was discovered in Django before versions 3.1.8, 3.0.14 and 2.2.20. MultiPartParser allowed directory-traversal via uploaded files with... |
| CVE-2021-23336 | AVG-1593 | Medium | Yes | URL request injection | The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable... |
| CVE-2021-3281 | AVG-1518 | Low | No | Directory traversal | In Django 2.2 before 2.2.18, 3.0 before 3.0.12, and 3.1 before 3.1.6, the django.utils.archive.extract method (used by "startapp --template" and... |
| CVE-2020-24584 | AVG-1217 | Medium | Yes | Insufficient validation | An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 (when Python 3.7+ is used). The intermediate-level directories... |
| CVE-2020-24583 | AVG-1217 | Medium | Yes | Access restriction bypass | An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 (when Python 3.7+ is used). FILE_UPLOAD_DIRECTORY_PERMISSIONS... |
| CVE-2020-13596 | AVG-1176 | Medium | Yes | Cross-site scripting | A possible XSS has been found in Django before 3.0.7, via admin ForeignKeyRawIdWidget. Query parameters for the admin ForeignKeyRawIdWidget were not... |
| CVE-2020-13254 | AVG-1176 | Medium | Yes | Information disclosure | An information disclosure issue has been found in Django before 3.0.7, via malformed memcached keys. In cases where a memcached backend does not perform key... |
| CVE-2020-9402 | AVG-1111 | Medium | Yes | SQL injection | A potential SQL injection has been found in Django before 3.0.4, via tolerance parameter in GIS functions and aggregates on Oracle. |
| CVE-2020-7471 | AVG-1091 | Medium | Yes | SQL injection | django.contrib.postgres.aggregates.StringAgg aggregation function was subject to SQL injection, using a suitably crafted delimiter. |
| CVE-2019-19844 | AVG-1080 | High | Yes | Insufficient validation | Django's password-reset form uses a case-insensitive query to retrieve accounts matching the email address requesting the password reset. Because this... |
| CVE-2019-19118 | AVG-1070 | Low | Yes | Privilege escalation | A privilege escalation issue has been found in Django since 2.1 and before 2.2.8 or 2.1.15, where a user who lacks permission to edit a model should not be... |
| CVE-2019-14235 | AVG-1015 | Medium | Yes | Denial of service | If passed certain inputs, django.utils.encoding.uri_to_iri() could lead to significant memory usage due to excessive recursion when re-percent encoding... |
| CVE-2019-14234 | AVG-1015 | Medium | Yes | SQL injection | Key and index lookups for JSONField and key lookups for HStoreField were subject to SQL injection, using a suitably crafted dictionary, with dictionary... |
| CVE-2019-14233 | AVG-1015 | Medium | Yes | Denial of service | Due to the behavior of the underlying HTMLParser, django.utils.html.strip_tags() would be extremely slow to evaluate certain inputs containing large... |
| CVE-2019-14232 | AVG-1015 | Medium | Yes | Denial of service | If `django.utils.text.Truncator`'s `chars()` and `words()` methods were passed the `html=True` argument, they were extremely slow to evaluate... |
| CVE-2019-12781 | AVG-1000 | High | Yes | Silent downgrade | An HTTP request is not redirected to HTTPS when the SECURE_PROXY_SSL_HEADER and SECURE_SSL_REDIRECT settings are used, and the proxy connects to Django via... |
| CVE-2019-12308 | AVG-969 | Medium | Yes | Cross-site scripting | The clickable "Current URL" link generated by AdminURLFieldWidget displayed the provided value without validating it as a safe URL. Thus, an unvalidated... |
| CVE-2019-11358 | AVG-969 | Medium | Yes | Cross-site scripting | jQuery before 3.4.0 mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable... |
| CVE-2019-6975 | AVG-881 | Medium | Yes | Denial of service | Django 1.11.x before 1.11.19, 2.0.x before 2.0.11, and 2.1.x before 2.1.6 allows uncontrolled memory consumption via a malicious attacker-supplied value to... |
| CVE-2019-3498 | AVG-839 | Medium | Yes | Content spoofing | A content spoofing issue has been found in Django before 2.1.5 and 1.11.18, where an attacker could craft a malicious URL that could make spoofed content... |
| CVE-2018-16984 | AVG-773 | Medium | Yes | Information disclosure | If an admin user has the change permission to the user model, only part of the password hash is displayed in the change form. Admin users with the view (but... |
| CVE-2018-14574 | AVG-743 | Medium | Yes | Open redirect | If the django.middleware.common.CommonMiddleware and the APPEND_SLASH setting are both enabled, and if the project has a URL pattern that accepts any path... |
| CVE-2018-7537 | AVG-649 | Medium | Yes | Denial of service | If django.utils.text.Truncator's chars() and words() methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to... |
| CVE-2018-7536 | AVG-649 | Medium | Yes | Denial of service | The django.utils.html.urlize() function was extremely slow to evaluate certain inputs due to catastrophic backtracking vulnerabilities in two regular... |
| CVE-2018-6188 | AVG-624 | Medium | Yes | Information disclosure | A regression in Django 1.11.8 and 1.11.9 before 1.11.10 and 2.0 before 2.0.2 made AuthenticationForm run its confirm_login_allowed() method even if an... |
| CVE-2017-7234 | AVG-233 | Medium | Yes | Open redirect | A maliciously crafted URL to a Django site using the serve() view could redirect to any other domain. The view no longer does any redirects as they don't... |
| CVE-2017-7233 | AVG-233 | Medium | Yes | Cross-site scripting | Django relies on user input in some cases (e.g. django.contrib.auth.views.login() and i18n) to redirect the user to an "on success" URL. The security check... |
| CVE-2016-9014 | AVG-57 | High | Yes | Access restriction bypass | Older versions of Django don't validate the Host header against settings.ALLOWED_HOSTS when settings.DEBUG=True. This makes them vulnerable to a DNS... |
| CVE-2016-9013 | AVG-57 | High | Yes | Authentication bypass | When running tests with an Oracle database, Django creates a temporary database user. In older versions, if a password isn't manually specified in the... |
| CVE-2016-7401 | AVG-35 | Medium | Yes | Cross-site request forgery | Sergey Bobrov found a vulnerability where an interaction between Google Analytics and Django's cookie parsing could allow an attacker to set arbitrary... |